11name : CI
2-
2+ permissions :
3+ contents : write
4+ pull-requests : write
35on :
46 push :
57 branches :
4951 github_token : ${{ secrets.GITHUB_TOKEN }}
5052 publish_dir : .
5153
54+ dependabot :
55+ name : ' Dependabot'
56+ needs : build # After the E2E and build jobs, if one of them fails, it won't merge the PR.
57+ runs-on : ubuntu-latest
58+ if : ${{ github.actor == 'dependabot[bot]' && github.event_name == 'pull_request'}} # Detect that the PR author is dependabot
59+ steps :
60+ - name : Enable auto-merge for Dependabot PRs
61+ run : gh pr merge --auto --merge "$PR_URL" # Use Github CLI to merge automatically the PR
62+ env :
63+ PR_URL : ${{github.event.pull_request.html_url}}
64+ GITHUB_TOKEN : ${{secrets.GITHUB_TOKEN}}
65+
5266 npm-publish-build :
5367 needs : build
5468 runs-on : ubuntu-latest
@@ -64,14 +78,14 @@ jobs:
6478 run : ' sed -i -E "s/(\"version\": *\"[^\"]+)/\1-${GITHUB_SHA_SHORT}/" package.json'
6579 - name : Disable pre- and post-publish actions
6680 run : ' sed -i -E "s/\"((pre|post)publish)/\"ignore:\1/" package.json'
67- - uses : JS-DevTools/npm-publish@v4
81+ - uses : JS-DevTools/npm-publish@v4.1.0
6882 if : github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
6983 with :
7084 token : ${{ secrets.NPM_TOKEN }}
7185 tag : ${{ env.GITHUB_REF_SLUG }}
7286
7387 npm-publish-latest :
74- needs : build
88+ needs : [ build, npm-publish-build]
7589 runs-on : ubuntu-latest
7690 if : github.ref == 'refs/heads/main'
7791 steps :
8397 node-version : 20.x
8498 - name : Disable pre- and post-publish actions
8599 run : ' sed -i -E "s/\"((pre|post)publish)/\"ignore:\1/" package.json'
86- - uses : JS-DevTools/npm-publish@v4
100+ - uses : JS-DevTools/npm-publish@v4.1.0
87101 if : github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
88102 with :
89103 token : ${{ secrets.NPM_TOKEN }}
0 commit comments